Had two factor authentication been turned on in his gmail account it would have prevented the hack. Because I think with two-factor authentication enabled, gmail does not show you part of the recovery email address which was an apple account. Also After that hack happened, Apple has ADDED Two-factor authentication. They also say when you turn that we we will never be able to reset your password for you.

It does add another layer of security - but I wouldn't use it for all my services. I've still yet to make the switch on two-factor authentication, but will in the future for my more important web/cloud based services (Gmail, Dropbox, etc.)

For some things it's perfectly fine, for other things it wastes my time. Forcing it on me would likely annoy me and I'd find another service that doesn't. I understand it's usability don't get me wrong, but I don't care about protecting my junk email account from hackers (and things of that nature).

For some things it's perfectly fine, for other things it wastes my time. Forcing it on me would likely annoy me and I'd find another service that doesn't. I understand it's usability don't get me wrong, but I don't care about protecting my junk email account from hackers (and things of that nature).

I think your views would quickly change if your important accounts were hacked.

Not that long ago I used to use the same password for a lot of my accounts, I knew it was a bad move but never did anything about it until not all that long ago, my email and password that I was using for all these accounts, was exposed in a hack that publicised thousands of account details from some insignificant site that I had not even thought about for years.

Then I realised just how much could be lost if someone went playing with those details.

I use lastpass and fortunately for me, they told me which accounts were compromised,

Unfortunately for me, that was over 300 sites.

I spent the majority of the next few days changing my passwords on all of those sites with a securely generated password from lastpass, which I should have been using the entire time.

A lot of hours wasted and driving me insane, but a lesson learned all the same.

A website I was a member of got hacked so I had to go around and change all my passwords because most of my sites I used the same password. I setup LastPass with the YubiKey for 2-factor authentication and I feel so much more at ease. I just wish more sites would use the Yubikey. If a service offers 2-factor, I use it.

A website I was a member of got hacked so I had to go around and change all my passwords because most of my sites I used the same password. I setup LastPass with the YubiKey for 2-factor authentication and I feel so much more at ease. I just wish more sites would use the Yubikey. If a service offers 2-factor, I use it.

Same, stupidly I wanted the ease of knowing my password for each site over security if it was ever compromised, I lost and spent many hours fixing my mistake.

I think your views would quickly change if your important accounts were hacked.

. . .

I use a different password for everysingleplace I use, and in most cases a different username as well.

I have been 'hacked' before in a game I used to play that ironically had two-factor authentication (A 'Pin-code' system). That's the only thing of mine that has ever been exploited and it turns out they got a SQL dump with non-salted passwords, likely got the un-hashed pass in minutes and brute-forced my pin as the game seems to have zero brute-force recognition. I later got my character back and all of it's stuff as there was an obvious roll-back.

Like I said, I'm not against two-factor authentication, but I am against forcing it upon me. I do - and will continue to - use it.

I use a different password for everysingleplace I use, and in most cases a different username as well.

I have been 'hacked' before in a game I used to play that ironically had two-factor authentication (A 'Pin-code' system). That's the only thing of mine that has ever been exploited and it turns out they got a SQL dump with non-salted passwords, likely got the un-hashed pass in minutes and brute-forced my pin as the game seems to have zero brute-force recognition. I later got my character back and all of it's stuff as there was an obvious roll-back.

Like I said, I'm not against two-factor authentication, but I am against forcing it upon me. I do - and will continue to - use it.

Mine was my email as the username & password I used everywhere, and yea you're right, changing at least the username or the password is the key, which I was stupid enough to ignore, the few days it took to change them was worth it, and I now use a secure and unique password / username for every site